METHOD AND ARRANGEMENT IN A COMMUNICATION NETWORK

FIELD OF INVENTION

The present invention relates to the field of communication networks and more specifically to an ad hoc communication network and a method for establishing security in an ad hoc network.

DESCRIPTION OF RELATED ART

The fast growth of open networks with easy access has raised many security problems. Several security solutions for public networks like the Internet have appeared. Security is a problem in all kinds of open networks, both wired and wireless. Information transmitted over the air is extremely vulnerable. Today there exist solutions that are built upon some type of so-called public key infrastructure (PKI). A public key infrastructure is a system used to distribute and check public keys that can be used to authenticate users, exchange session keys, sign information or encrypt information.

In a PKI system, two corresponding (also called asymmetric) keys are used in connection with protecting information. Information which is encrypted with one of the two keys can be decrypted only with the other key. In some PKI systems either of the two keys can be used to encrypt and the other to decrypt. In other systems, one key must be used only for encryption and the other for decryption.

One important feature of PKI systems is that it is computationally infeasible to use knowledge of one of the keys to deduce the other key. In a typical PKI system, each of the systems possesses a set of two such keys. One of the keys is kept private while the other is freely published. If a sender encrypts a message with the recipient's public key, only the intended recipient can decrypt the message, since only the recipient is in possession of the private key corresponding to the published public key. If the sender, before performing the above encryption, first encrypts the message with the sender's private key, the recipient, upon performing first a decryption using the recipient's private key and then a decryption on the result using the sender's public key, is assured not only of privacy but of authentication, since only the sender could have encrypted a message such that the sender's public key successfully decrypts it. In one digital signature scheme, a one-way hash is first applied to a message and the hash of the message is encrypted with the sender's private key.

A PKI distributes one or several public keys and determines whether a certain public key can be trusted for a certain usage or not. A piece of digitally signed information is often called a certificate. Certificates are the basis upon which PKIs are built.

The degree of confidence that the recipient has in the source of a message depends on the degree of the recipient's confidence that the sender's public key corresponds to a private key that was possessed only by the sender. In many current systems, a number of generally well-trusted certification authorities have been established to provide this degree of confidence.

A common certificate format is Standard X.509 (developed by the International Standards Organisation (ISO) and the Comité Consultatif International Télégraphique et Téléphonique (CCITT)). Such a certificate may, e.g., include a public key, the name of the subject who possesses or is associated with the public key, and an expiration date, all of which are digitally signed by a trusted party. The digital signature may be provided, e.g., according to the Digital Signature Standard (DSS) (National Institute of Standards and Technology (NIST)). Typically a digital signature involves applying a one-way hash and then encrypting with the private key of, in this case, the certification authority. Such a digital signature is provided using the private key of the trusted party which, in turn, is authenticated using the trusted party's certificate signed by yet another trusted party, so that there may be a multi-level hierarchy of trusted parties.

Another certificate format is Pretty Good Privacy (PGP) developed by P. Zimmermann and described in the Internet Engineering Task Force (IETF) OpenPGP Specification. PGP provides a way to encrypt and decrypt, sign data and exchange keys. Thus it is more than just a PKI. However, the main idea with PGP is that no strict PKI is needed. Instead the PGP users themselves create and extend the PKI they need. This is done by certifying other users' public keys, i.e., signing trusted public keys with their own secret key. In this way a "web of trust" is created. A particular key may have several different user IDs. Typically a user ID is an email address. If a revocation signature follows a key, the key is revoked. A user certifies another user's key by signing it with one of the keys of his own which has signing capability. When signing another key, different trust levels can be set, i.e., the amount of confidence the signer has in the signed key and user ID.



Today, so-called ad hoc networks are used more and more frequently. An ad hoc network is established temporarily for a special purpose. There is no fixed infrastructure; the nodes are the network. The nodes within the network are often mobile and use radio links. An ad hoc network might constitute dynamic wide area connectivity in situations such as military operations, rescue and recovery operations, and remote construction sites. An ad hoc network might also constitute local area connectivity in situations such as temporary conference sites, home networks and robot networks. An ad hoc network might also constitute personal area networks in situations such as interconnected accessories, ad hoc conference tables and games. The nodes might consist of e.g. mobile phones, laptops, television sets and washing machines. In some situations, like in military operations or business conferences where the communication between the nodes comprises secrets, it is very important that a sender of a message can trust that the receiver really is the intended receiver.

In the previous examples, bindings between public keys and names or authorisation are described. Several of these certificate solutions exist in different systems. However, it is not yet described how different certificates needed for different kinds of purposes are obtained. In the case of ordinary X.509 type of PKI with hierarchical Certificate Authority (CA) structures, finding the right certificate is done using some central on-line server or by direct transmission of the certificate at connection set-up. When using PGP either the desired public key is stored locally on a machine or the device has to make a connection to a central PGP server in order to find the desired public key. This works if it is possible for entities that need some type of security relation to have on-line connections to some particular servers. This is not the case for ad hoc networks. Ad hoc networks are created on the fly between entities that happen to be at the same physical location.

Therefore, what is further needed is a mechanism for checking if different nodes in an ad hoc network share a trust relation and for creating trust among a certain set of nodes without any pre-defined relations.

The problem of how to distribute trust using public keys in ad hoc networks is addressed in this invention. Still, the existing PKIs provide a basis upon which a solution also for ad hoc networks can be built.

SUMMARY OF THE INVENTION

The present invention relates to the requirement of security in an ad hoc network. More particularly it relates to the problem within ad hoc networks of not having on-line connections to a particular server for getting the desired public keys or certificates required to create trust relations.

Accordingly, it is an object of the present invention to solve the above-mentioned problem.

The aforesaid problem is solved by means of a method for finding possible trust relations between nodes within the ad hoc network and sharing them with other nodes within the ad hoc network.

The following scenario of establishing security in an ad hoc network describes the inventive concept of the present invention.

Within an ad hoc communication network, some of the nodes have a mutual trust relation to each other, thus constituting a trust group. A node within the network is a candidate node for joining the trust group. An X-node is identified, being a member of the trust group and having a trust relation with the candidate node. The X-node distributes trust relations between the members of the trust group and the candidate node.

An advantage of the present invention is that it is possible to achieve the security associations needed for distributing and sharing information among a group of users that happen to be at the same physical location. There is a large number of applications that fit this scenario. Among those can be mentioned people from different companies or organisations who gather in a conference room and share documents with the meeting members.

Another advantage of the present invention is that the number of manually created trust relations between members in an ad hoc communication network is decreased.

Further scope of applicability of the present invention will become apparent from the detailed description given hereinafter. However, it should be understood that the detailed description and specific examples, while indicating preferred embodiments of the invention, are given by way of illustration only, since various changes and modifications within the spirit and scope of the invention will become apparent to those skilled in the art from this detailed description.
BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 shows a scenario where a single node establishes trust with an existing trust group within a communication network.
Figure 2 shows a scenario where trust is established in an ad hoc communication network.
Figure 3 shows a scenario where trust is established in an ad hoc communication network.
Figure 4 shows a scenario where two trust groups within an ad hoc communication network are merged.
Figure 5 shows a scenario where two trust groups within an ad hoc communication network are merged.
Figure 6 shows a scenario where two trust groups within an ad hoc communication network are merged.
Figure 7 shows a scenario where two trust groups within an ad hoc communication network are merged.



DESCRIPTION OF PREFERRED EMBODIMENTS

The ad hoc communication network according to the invention constitutes e.g. a Bluetooth network. The ad hoc network comprises nodes constituting e.g. laptops and mobile phones, each node comprising a receiver and a computer, the computer comprising a processor and a memory. The nodes are interconnected via communication links.

Figure 1 shows a possible scenario of the present invention in which a single node 101 is added to an existing trust group 102. The trust group 102 comprises nodes 103-105. All the nodes 103-105 in the trust group 102 have mutual trust relations with each other, the trust relations being created with trusted public keys. Thus each node 103-105 in the trust group 102 has the trusted public keys of all the other nodes 103-105 within the trust group 102. The trusted public keys are e.g. used to verify the signatures on messages sent between trusted nodes. The single node 101 and the trust group constitute an ad hoc communication network 106. According to the invention all nodes 101, 103-105 have authority to delegate trust to other nodes that they trust within the network. The single node 101 would like to join the trust group 102 and the single node is from now on called the candidate node 101.

Either the candidate node 101 sends a broadcast message to all the nodes 103-105 within the trust group or it unicasts a message to a special look-up server where all the nodes 103-105 can obtain the message. The message comprises the public key that the candidate node 101 wants to use. The message might comprise a set of public keys that the candidate node 101 wants to use and possible certificate(s) certifying the public key(s).

Each node 103-105 within the trust group 102 obtains the public key of the candidate node 101 and checks if it trusts the public key of the candidate node.



A node 103 within the trust group that trusts the public key of the candidate node 101 is identified, a so-called X-node 103. The X-node
- sends a signed message comprising all the trusted keys of the nodes 103-105 within the trust group 102 to the candidate node 101, and
- signs the public key of the candidate node 101 and sends a message comprising the key together with the signature to all the other nodes 104, 105 within the trust group 102.

If none of the nodes 103-105 within the trust group 102 trusts the candidate node, a trust relation has to be manually created with an arbitrary node 105 within the trust group 102. This node 105 thus constitutes an X-node. A manual creation of a trust relation between two nodes can be performed in different ways. In one way the two nodes enter their PIN codes and then exchange public keys using an authenticated protocol. The manual creation of trust relations results in each node obtaining a trusted public key from the other party.

After the manual creation of trust, the X-node 105
- sends a signed message comprising all the trusted keys of the nodes 103-105 within the trust group 102 to the candidate node 101, and
- signs the public key of the candidate node 101 and sends a message comprising the key together with the signature to all the other nodes 103, 104 within the trust group 102.

In both cases a receiving node accepts the keys carried in such a message only after checking the signature against the X-node's public key, which it already holds as trusted; a signed message from a node it does not trust is disregarded.
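The join procedure above, as an added worked example that is not part of the patent text. It models a trust relation as the set of trusted public keys each node holds; the names Node, join_trust_group and manual_pairing are this example's own, and the cryptographic signature check is abstracted: a node accepts the keys carried in a signed message exactly when the signer's key is already in its trusted set, which is the condition a real implementation enforces by verifying the signature with that key. The keys themselves are constructed placeholder strings, not real key material.

```python
from dataclasses import dataclass, field


@dataclass
class Node:
    """One ad hoc node; `trusted` maps a peer's name to that peer's public key."""
    name: str
    trusted: dict = field(default_factory=dict)

    @property
    def key(self) -> str:
        # Placeholder for the node's public key (constructed, not a real key).
        return f"pk:{self.name}"

    def accept_signed(self, signer: str, keys: dict) -> bool:
        """Accept the keys carried in a message signed by `signer`.

        Stands in for signature verification: the message is accepted only if
        this node already holds the signer's key as trusted. Keys vouched for
        by an untrusted signer are dropped."""
        if signer not in self.trusted:
            return False
        self.trusted.update(keys)
        return True


def manual_pairing(a: Node, b: Node) -> None:
    """Out-of-band trust creation (e.g. PIN entry followed by an authenticated
    key exchange): afterwards each side holds the other's key as trusted."""
    a.trusted[b.name] = b.key
    b.trusted[a.name] = a.key


def join_trust_group(candidate: Node, group: list) -> str:
    """Run the single-candidate join and return the name of the X-node used."""
    # 1. The candidate broadcasts the public key it wants to use.
    announcement = {candidate.name: candidate.key}
    # 2. Each member checks whether it already trusts exactly that key.
    x_node = next(
        (m for m in group if m.trusted.get(candidate.name) == candidate.key), None
    )
    if x_node is None:
        # 3. Nobody trusts the candidate: pair manually with an arbitrary member,
        #    which thereby becomes the X-node.
        x_node = group[-1]
        manual_pairing(x_node, candidate)
    # 4a. The X-node sends the candidate a signed message with the group's keys.
    group_keys = {m.name: m.key for m in group}
    if not candidate.accept_signed(x_node.name, group_keys):
        raise RuntimeError("candidate does not trust the X-node")
    # 4b. The X-node signs the candidate's key and sends it to the other members;
    #     they accept it because they trust the X-node.
    for member in group:
        if member is not x_node:
            member.accept_signed(x_node.name, announcement)
    return x_node.name


def mutual_trust(nodes: list) -> bool:
    """True when every node holds the trusted key of every other node."""
    return all(b.name in a.trusted for a in nodes for b in nodes if a is not b)


def build_group(names: list) -> list:
    """A trust group: every member already holds every other member's key."""
    nodes = [Node(n) for n in names]
    for a in nodes:
        for b in nodes:
            if a is not b:
                a.trusted[b.name] = b.key
    return nodes


def scenario(candidate_known: bool) -> tuple:
    """Figure 1 with nodes 103-105 and candidate 101; returns (X-node, mesh ok)."""
    group = build_group(["103", "104", "105"])
    candidate = Node("101")
    if candidate_known:
        manual_pairing(group[0], candidate)  # node 103 already trusts 101
    x_node = join_trust_group(candidate, group)
    return x_node, mutual_trust(group + [candidate])


if __name__ == "__main__":
    print(scenario(True))   # node 103 acts as X-node
    print(scenario(False))  # manual pairing with node 105 first
```

The rejection path matters as much as the happy path: a node that does not hold the signer's key drops the message, so a bystander cannot inject keys into the group simply by broadcasting a signed list of its own.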

10 

I 

Figure 2 shows another scenario of the present invention. In this scenario an ad hoc communication network 201 is formed. The trust groups 202, 203, 204 and 205 within the ad hoc network are used to create additional trust relations within the network. The trust relations are created with signed public keys. The ad hoc network comprises nodes A-M. In this embodiment, each of the nodes A-M constitutes a node being a candidate for joining a secure ad hoc network, i.e., a trust group wherein all nodes A-M have mutual trust relations.

The nodes A, C, D and E have mutual trust relations and constitute a trust group 202.
The nodes D, E, G, J and K have mutual trust relations and constitute a trust group 203.
The nodes A, E, F and I have mutual trust relations and constitute a trust group 204.
The nodes H and M have mutual trust relations and constitute a trust group 205.
The node L has no trust relations to any of the other nodes within the network.

As shown in figure 2, the node E belongs to three trust groups 202, 203 and 204. The nodes D and E belong to two trust groups 202 and 203. The nodes A and E belong to two trust groups 202 and 204.



1 
According to the invention all nodes A-M have authority to delegate trust to other nodes that they trust within the network 201.

Each node A-M within the ad hoc network 201 sends a broadcast message to all the nodes A-M within the ad hoc network 201 or a unicast message to a special look-up server where all the nodes A-M can obtain the message. The message comprises the public key that the candidate node A-M wants to use. The message might comprise a set of public keys that the candidate node wants to use and possible certificate(s) certifying the public key(s).

Each of the nodes A-M obtains the public keys of all the other nodes A-M, whether they are trusted or untrusted. Each node A-M then creates a list of its trusted nodes and their corresponding keys. E.g. node A, which belongs to trust group 202, trusts the nodes B, C, D and E.

In this scenario, one node A is decided to act as a server node A. Each of the nodes B-M sends a registration message to the server node A comprising its public key and the list of its trusted nodes and their corresponding public keys.

Using the obtained information the server node A identifies all the nodes A-M and the trust groups 202-205 within the ad hoc network.

Server node A might find that some nodes or some trust groups are isolated, i.e. neither having a trust relation with the server node A nor having a trust relation with any of the nodes that A has a trust relation with. In this embodiment that goes for node L and trust group 205 comprising the nodes H and M.



30 



In that case server node A asks the node L to manually create a trust relation with the server node A. Server node A further asks one node H in that trust group 205 to manually create a trust relation with the server node A. This results in two more trust groups and is illustrated in figure 3. The nodes A and L constitute trust group 301 and the nodes A and H constitute trust group 302.

The server node A classifies all the nodes within the ad hoc network as being nodes that the server node A trusts, nodes B, C, D, E, F, I, H and L, i.e. server-trusted nodes, or as being nodes that server node A does not trust, nodes G, J, K and M, i.e. server-untrusted nodes. The server node A then makes a list comprising the server-untrusted nodes, the so-called untrust-list.

A server-trusted node trusting a server-untrusted node constitutes a so-called Y-node. The server node A identifies as many Y-nodes as required for distributing trust relations to all or as many as possible of the server-untrusted nodes, i.e. server node A identifies node D having trust relations with nodes G, K and J, and node H having a trust relation with node M. Thus node D and node H can distribute trust relations between all the server-untrusted nodes and server node A according to the following process:

The server node A sends a message to the identified Y-nodes, the message comprising
- the untrust-list comprising the nodes G, J, K and M and their corresponding public keys, and
- a request to distribute as many trust relations as possible between server node A and the server-untrusted nodes.

A Y-node obtains the message and checks which of the keys it trusts, i.e. which of the server-untrusted nodes G, J, K and M the Y-node trusts.

The identified Y-nodes then each perform the following steps 1-3 for each of the nodes that the respective Y-node trusts. In this case the Y-node D performs the steps for each of the nodes G, J and K and Y-node H performs the steps for node M.

1. The Y-node signs the public key of server node A and sends it to the node that the Y-node trusts, e.g. node D signs server node A's key and sends it to node G.

2. The Y-node signs the public key of the node that the Y-node trusts and sends it to server node A, e.g. node D signs node G's key and sends it to server node A.

3. Server node A reclassifies the node that the Y-node trusts, and that the server node A now trusts, as being a server-trusted node, and the untrust-list is reduced by said node, e.g. server node A reclassifies node G as being a server-trusted node and the untrust-list is reduced to J, K and M.

The distribution of trust relations is now completed and the untrust-list is empty. Server node A has collected signed public keys from all nodes B-M within the ad hoc network 201 and sends a message to all nodes B-M comprising server node A's collected signed public keys from all the nodes B-M within the ad hoc network.

The nodes A-M within the ad hoc communication network 201 now have mutual trust relations and a secure ad hoc network is established.
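The server-node procedure of figures 2 and 3, as an added example that is not part of the patent text. Trust relations are modelled as a symmetric adjacency map (node name to the set of nodes whose keys it holds as trusted), and a signature is again abstracted as "the signer is already trusted by the receiver". The names establish_trust, components and the greedy Y-node choice are this example's own. It goes beyond the text in two ways: it picks the Y-node that covers the most still-untrusted nodes first, and it repeats the Y-node round until the untrust-list is empty, so it also handles networks where one round is not enough. The input is the network of figure 2; the relation between A and B is assumed from the statement that A trusts B.

```python
def components(trust: dict) -> list:
    """Connected components of the (symmetric) trust graph."""
    seen, comps = set(), []
    for start in sorted(trust):
        if start in seen:
            continue
        comp, stack = set(), [start]
        while stack:
            node = stack.pop()
            if node in comp:
                continue
            comp.add(node)
            stack.extend(trust[node] - comp)
        seen |= comp
        comps.append(comp)
    return comps


def establish_trust(server: str, relations: dict) -> tuple:
    """Return (trust map after the procedure, untrust-list left, log of steps).

    `relations` maps each node to the set of nodes it already trusts; it is the
    union of the registration messages the server received."""
    trust = {n: set(s) for n, s in relations.items()}
    nodes = set(trust)
    log = []

    # Isolated nodes or groups cannot be reached through any Y-node, so the
    # server pairs manually with one node of each component it is not part of.
    for comp in components(trust):
        if server not in comp:
            partner = min(comp)
            trust[server].add(partner)
            trust[partner].add(server)
            log.append(("manual", server, partner))

    # Classification: every node the server does not trust is on the untrust-list.
    untrust = nodes - {server} - trust[server]

    # Y-node rounds: a server-trusted node that trusts a server-untrusted node.
    while untrust:
        y_candidates = sorted(y for y in trust[server] if trust[y] & untrust)
        if not y_candidates:
            break  # cannot happen after the manual pairing above; kept as a guard
        y_node = max(y_candidates, key=lambda y: len(trust[y] & untrust))
        for target in sorted(trust[y_node] & untrust):
            # Step 1: Y signs the server's key for the target (target trusts Y).
            trust[target].add(server)
            # Step 2: Y signs the target's key for the server (server trusts Y).
            trust[server].add(target)
            # Step 3: the server reclassifies the target as server-trusted.
            untrust.discard(target)
            log.append(("delegate", y_node, target))

    # Finally the server sends its collected signed keys to every node; each
    # node accepts them because it now trusts the server.
    for node in nodes - {server}:
        trust[node] |= nodes - {node}
    return trust, untrust, log


def figure2_relations() -> dict:
    """Trust groups 202-205 of figure 2 (constructed from the description)."""
    groups = [{"A", "C", "D", "E"}, {"D", "E", "G", "J", "K"},
              {"A", "E", "F", "I"}, {"H", "M"}, {"A", "B"}]  # A-B: assumed
    trust = {chr(c): set() for c in range(ord("A"), ord("M") + 1)}
    for group in groups:
        for node in group:
            trust[node] |= group - {node}
    return trust


def fully_meshed(trust: dict) -> bool:
    """True when every node trusts every other node."""
    return all(trust[n] == set(trust) - {n} for n in trust)


if __name__ == "__main__":
    final, left, steps = establish_trust("A", figure2_relations())
    print(steps, left, fully_meshed(final))
```

Everything after the manual pairings rests on the server node: each node ends up trusting exactly the keys A vouches for, so in a deployment the choice of server node is a choice of who the whole network trusts.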



20 



Figure 4 shows yet another scenario of the present invention. In this scenario an ad hoc network 401 comprises two trust groups 402 and 403 which shall be merged into one trust group constituting a secure ad hoc network. The first trust group 402 comprises a set of nodes N, O, P, Q and R, all having mutual trust relations. The second trust group 403 comprises a set of nodes S, T, U, V and W, all having mutual trust relations and all being candidate nodes for joining the first trust group 402. The trust relations are created with trusted public keys. A node P is decided to act as a server node P within the first trust group 402 and a candidate node S is decided to act as a server node S within the second trust group. According to the invention, the nodes N-W are authorised to delegate trust relations to other nodes within the network that they trust.

Second server node S sends a message, comprising a list of all candidate nodes S, T, U, V and W within the second trust group 403 and their corresponding public keys, to first server node P. First server node P checks if it trusts any of the obtained keys, i.e. if it has trust relations to any of the candidate nodes S, T, U, V and W. First server node P then classifies the candidate nodes as being first server-trusted nodes or as being first server-untrusted nodes, in this case P-trusted or P-untrusted.

10 

If the classification results in at least one first server-trusted node, a scenario comes up as illustrated in figure 5. In this scenario first server node P has a trust relation to the node W and first server node P sends a message to second server node S. The message comprises
- a list of all nodes N, O, P, Q and R within the first trust group 402 and their corresponding public keys, and
- a list of first server-trusted nodes, which in this case is the P-trusted node W, and its corresponding public key.

Second server node S obtains the message, signs it and forwards it to node W.

Node W receives the signed message and checks the signature of the message. If node W trusts the signature, node W
- signs the received public keys of the nodes N, O, P, Q and R within the first trust group 402,
- sends a signed message comprising the signed public keys of the nodes N, O, P, Q and R within the first trust group 402 to all candidate nodes S, T, U and V within the second network, and
- sends a signed message comprising all trusted public keys of the candidate nodes S, T, U, V and W to first server node P.

First server node P receives the message and checks the signature of the message. If it is valid, first server node P signs the public keys of the candidate nodes S, T, U, V and W within the second trust group 403 and sends them in a signed message to all nodes N, O, Q and R.

The nodes N-W within the ad hoc network 401 now have mutual trust relations and a secure ad hoc communication network is established.

10 

In another scenario, shown in figure 6, the classification results in no first server-trusted node, i.e. no P-trusted node. This means that first server node P has no trust relation with any of the candidate nodes S, T, U, V and W. Server node P then asks the other nodes N, O, Q and R within the first trust group 402, one by one, until server node P obtains a positive answer to the question of whether they have a trust relation with any of the candidate nodes S, T, U, V and W within the second trust group 403.

In this case, node N has no such trust relation, so the query is forwarded to node O, which has no such trust relation either. The query is forwarded to node Q, which has a trust relation with node V in the second trust group, and now the procedure of distributing trust can start.

Node Q sends a signed message to second server node S. The message comprises:
- a list of all nodes N, O, P, Q and R within the first trust group 402 and their corresponding public keys, and
- a list of the nodes that node Q trusts, which in this case is the node V, and its corresponding public key.

Second server node S obtains the message and forwards it to node V.

Node V receives the signed message and checks the signature of the message. If node V trusts the signature, it signs the received public keys of the nodes N, O, P, Q and R within the first trust group 402. Node V then sends a signed message comprising the signed public keys of the nodes N, O, P, Q and R within the first trust group 402 to all candidate nodes S, T, U and W within the second network. Node V sends a signed message comprising all trusted public keys of the candidate nodes S, T, U, V and W to node Q.

Node Q receives the message and checks the signature of the message. If it is valid, node Q signs the public keys of the candidate nodes S, T, U, V and W within the second trust group 403 and sends the keys in a signed message to the other nodes N, O, P and R within the first trust group 402.

The nodes N-W within the ad hoc network 401 now have mutual trust relations and a secure ad hoc communication network is established.



In yet another scenario, none of the nodes N, O, P, Q and R within the first trust group 402 have a trust relation with any of the candidate nodes S, T, U, V and W within the second trust group 403. In this case a message is returned to first server node P asking node P to manually create a trust relation with the second server node S. This scenario is illustrated in figure 7. First server node P and second server node S now constitute a trust group 701.

First server node P sends a message to second server node S. The message comprises a list of all nodes N, O, P, Q and R within the first trust group 402 and their corresponding public keys.

Second server node S
- signs the received public keys of the nodes N, O, P, Q and R within the first trust group 402,
- sends a signed message comprising the signed public keys of the nodes N, O, P, Q and R within the first trust group 402 to all candidate nodes T, U, V and W within the second network, and
- sends a signed message comprising all trusted public keys of the candidate nodes S, T, U, V and W to first server node P.

First server node P receives the message and checks the signature of the message. If it is valid, first server node P signs the public keys of the candidate nodes S, T, U, V and W within the second trust group 403 and sends them in a signed message to all nodes N, O, Q and R.

The nodes N-W within the ad hoc communication network 401 now have mutual trust relations and a secure ad hoc network is established.
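The merge procedure of figures 4 to 7, as an added example that is not part of the patent text; merge_groups, find_bridge and figure4_relations are this example's own names. Trust is a symmetric adjacency map as in the server-node scenario, and a node accepts a signed list of keys only when it already trusts the signer. The three cases are carried through in one function: the first server itself trusts a candidate (figure 5), another member of the first group does (figure 6), or nobody does and the two servers pair manually (figure 7). One simplification is assumed: the second server only relays the bridge member's message, so the candidate verifies the bridge member's signature, which is the one it holds a trusted key for. The log makes visible that every key a node ends up trusting traces back to that single bridge relation.

```python
def accept(trust: dict, receiver: str, signer: str, keys: set, log: list) -> bool:
    """Receiver accepts keys from a signed message only if it trusts the signer."""
    if signer not in trust[receiver]:
        log.append(("rejected", receiver, signer))
        return False
    trust[receiver] |= keys - {receiver}
    log.append(("accepted", receiver, signer, tuple(sorted(keys))))
    return True


def find_bridge(trust: dict, first: set, second: set, first_server: str):
    """Locate one trust relation spanning the two groups, in the patent's order.

    Returns (member of first group, candidate it trusts), or None."""
    # Figure 5: the first server itself trusts a candidate.
    hits = trust[first_server] & second
    if hits:
        return first_server, min(hits)
    # Figure 6: ask the remaining members one by one.
    for member in sorted(first - {first_server}):
        hits = trust[member] & second
        if hits:
            return member, min(hits)
    return None  # Figure 7: nobody does


def merge_groups(relations: dict, first: set, second: set,
                 first_server: str, second_server: str) -> tuple:
    """Merge the second group into the first; returns (trust map, bridge, log)."""
    trust = {n: set(s) for n, s in relations.items()}
    log = []
    bridge = find_bridge(trust, first, second, first_server)
    if bridge is None:
        # Figure 7: the two servers create a trust relation manually.
        trust[first_server].add(second_server)
        trust[second_server].add(first_server)
        log.append(("manual", first_server, second_server))
        bridge = (first_server, second_server)
    member, candidate = bridge

    # The bridge member's signed list of first-group keys reaches the candidate
    # via the second server; the candidate verifies it against the member's key.
    if not accept(trust, candidate, member, first, log):
        raise RuntimeError("bridge candidate does not trust the bridge member")
    # The candidate re-signs the first group's keys for the other candidates,
    # who accept them because they trust the candidate.
    for node in sorted(second - {candidate}):
        accept(trust, node, candidate, first, log)
    # The candidate sends the second group's keys back to the bridge member,
    # who re-signs them for the rest of the first group.
    accept(trust, member, candidate, second, log)
    for node in sorted(first - {member}):
        accept(trust, node, member, second, log)
    return trust, bridge, log


def figure4_relations(cross: list) -> tuple:
    """Two mutually trusting groups from figure 4 plus the given cross relations
    (constructed input; `cross` lists pairs such as ("P", "W"))."""
    first, second = set("NOPQR"), set("STUVW")
    trust = {n: (first if n in first else second) - {n} for n in first | second}
    for a, b in cross:
        trust[a].add(b)
        trust[b].add(a)
    return trust, first, second


def run_merge(cross: list) -> tuple:
    """Merge with servers P and S; returns (bridge used, fully meshed?, log)."""
    trust, first, second = figure4_relations(cross)
    final, bridge, log = merge_groups(trust, first, second, "P", "S")
    meshed = all(final[n] == set(final) - {n} for n in final)
    return bridge, meshed, log


if __name__ == "__main__":
    for cross in ([("P", "W")], [("Q", "V")], []):
        bridge, meshed, log = run_merge(cross)
        print(cross, "->", bridge, meshed, log[0])
```

The order of the search is what keeps the number of manual pairings down: manual pairing is the last resort, and even then only the two server nodes have to perform it.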
CLAIMS

1. Method for establishing security in an ad hoc communication network (106), the ad hoc network (106) comprising a set of communication nodes (101, 103-105), whereof at least two of the nodes (103-105) have a mutual trust relation and thus constitute a trust group (102), the trust relations being created with public keys, and at least one additional node (101) being a candidate for joining the trust group (102) within the ad hoc network (106), characterised by the nodes having authority to delegate trust to nodes they trust, the method comprising the steps of
- a) identifying a node (103) within the trust group having a trust relation with the candidate node (101), a so-called X-node (103);
- b) distributing trust relations between all the members in the trust group (102) and the candidate node (101) by means of the X-node (103).

2. The method of claim 1, characterised by comprising the further step, to be taken before step a), of the candidate node (101) sending a message, comprising its public key, to all nodes (103-105) within the network.

3. The method of any of the previous claims, characterised in that the ad hoc network (106) comprises a single trust group (102) and a single candidate node (101), wherein step b) implies that the X-node (103) sends a signed message, comprising a list of the nodes (104, 105) that the X-node (103) trusts within the ad hoc network (106) and all their corresponding public keys, to the candidate node (101).

4. The method according to any of the previous claims, characterised in that step b) further implies that the X-node (103) signs the candidate node's (101) public key.

5. The method according to the previous claim, characterised in that step b) further implies that the X-node (103) sends a message, comprising the candidate node's (101) signed public key, to the nodes (104-105) within the trust group (102).

5 

6. The method according to claim 2, characterised in that the ad hoc network (201) comprises a set of nodes (A-M) comprising several trust groups (202-205), all nodes (A-M) being candidates for joining all trust groups within the ad hoc network that they are not already a member of, the method comprising the further step, to be taken by each node (A-M) after receiving the messages from all candidate nodes (A-M), of creating a list of the candidate nodes that the particular node trusts and their corresponding public keys.

7. The method according to the previous claim, characterised by further comprising the step of deciding one node (A) within the ad hoc network (201) to act as a server node (A).

8. The method according to any of the claims 6-7, characterised by further comprising the step of the server node (A) receiving from each other node (B-M) within the network a message comprising its respective public key and the respective list of the candidate nodes that the respective node trusts and their corresponding public keys.

9. The method according to the previous claim, characterised by further comprising the step of the server node (A) classifying the at least one candidate node as being a server-trusted node (B, C, D, E, F and I) or as being a server-untrusted node (G, H, J, K, L and M), depending on whether the server node (A) trusts it or not.

30 
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10. The method according to the previous daim« wherein a server-trusted node 
trusting a scrver-untrusted node constitutes a so-called Y-node, characterised 

5 in that the step a) implies that the server node (A) identifies at least one Y- 

node required for distributing trust idations between the server node (A) and 
as xnany setver-unttusted nodes as possible. 

11, The method according to the previous daim, characterised in stqp b) fiarther 
LO implying that server node (A) sends a request to the identified Y-nodes (D,H) 

of distributing said trust relations between server node A and server-untrusted 
nodes. 



12. The method according to the previous claim, characterised in step b) further
implying that server node (A) obtains said requested trust relations.

13. The method according to the previous claim, characterised in the step of
obtaining the trust relations comprising that, for each server-untrusted node
that the Y-node has a trust relation with, the Y-node signs the public key of
the server node (A) and forwards it to the server-untrusted node.

14. The method according to any of the claims 12-13, characterised in the step
of obtaining the trust relations comprising that, for each server-untrusted node
that the Y-node has a trust relation with, the Y-node signs the public key of
the server-untrusted node and forwards it to the server node (A).

15. The method according to any of the claims 12-14, characterised by
comprising the further step of, server node (A), after obtaining said trust
relation, reclassifying the server-untrusted node with the obtained trust relation
as being a server-trusted node.

16. The method according to any of the claims 12-15, characterised by
comprising the further step of, server node (A) sending a signed message
comprising all the server node's (A) trusted public keys belonging to trusted
candidate nodes within the ad hoc network (201).

17. An ad hoc communication network (106) comprising a set of communication
nodes (101, 103-105) whereof

the nodes (101, 103-105) each comprising a receiver and a computer, the
computer comprising a processor and a memory,

the nodes (101, 103-105) being interconnected with communication links,

at least two of the nodes (103-105) having a mutual trust relation and
thus constituting a trust group (102), the trust relations being created with
public keys, and

at least one additional node (101) being a candidate for joining at least one
trust group (102) within the ad hoc network,

characterised by

the candidate node (101) having means for requesting if any of the nodes
within the trust group (102) have a trust relation with the candidate node
(101),

the nodes being authorised to and having means for, distributing trust
relations between its trust group (102) and the candidate node (101) that it
trusts.

18. The ad hoc communication network (201) according to the previous claim,
characterised by each node (A-M) having means for creating a list of the
candidate nodes that the node trusts and their corresponding public keys, to
be stored in the memory.

19. The ad hoc communication network according to any of the claims 17-18,
characterised in that one node (A) within the ad hoc network (201) being a
server node (A), capable of administering distribution of trust relations.

20. The ad hoc communication network (201) according to the previous claim,
characterised by the server node (A) having means for classifying the at least
one candidate node as being a server-trusted node (B, C, D, E, F and I), or as
being a server-untrusted node (G, H, J, K, L and M), depending on whether
the server node (A) trusts the candidate node or not.

21. The ad hoc communication network (201) according to the previous claim,
wherein a server-trusted node trusting a server-untrusted node constitutes a
so-called Y-node, characterised by the server node (A) having means for
identifying at least one Y-node (D, H) required for distributing trust relations
between the server node (A) and the server-untrusted nodes.

22. The ad hoc communication network (201) according to the previous claim,
characterised by the server node (A) having means for sending to each of the
identified Y-nodes (D, H),

a request as to which of the server-untrusted nodes (G, H, J and M) the
Y-node (D, H) has a trust relation with, and

a request for distributing trust relations between the server node (A) and
the requested server-untrusted nodes.

23. The ad hoc communication network according to any of the claims 20-22,
characterised by the server node (A) having means for distributing obtained
trust relations to the nodes within the ad hoc communication network (201).
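The following is an added, runnable model of the server-side procedure of claims 8 to 15, which the apparatus claims 17 to 23 restate; it is illustrative code written for this edition and is not part of the patent. It assumes Ed25519 signatures for the nodes' public keys (the claims fix no algorithm), identifies nodes by single-letter IDs, and uses a constructed trust graph with the claims' own labels: A is the server, B, C, D, E, F and I are server-trusted from the start, D and H become the Y-nodes, and K and L stay unreachable. The X-node case of the abstract is the same mechanism with a trust group in place of the server.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Node is one network member: an Ed25519 key pair plus the nodes it trusts
// directly (the trust list of claims 6 and 18). Trust is keyed by node ID only
// for readability; a real node would key it on a key verified out of band.
type Node struct {
	ID     string
	Pub    ed25519.PublicKey
	priv   ed25519.PrivateKey
	Trusts map[string]bool
}

func NewNode(id string, trusts ...string) *Node {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	n := &Node{ID: id, Pub: pub, priv: priv, Trusts: map[string]bool{}}
	for _, t := range trusts {
		n.Trusts[t] = true
	}
	return n
}

// Endorse is a Y-node's signature over "key belongs to subject" (claims 13 and 14);
// binding the subject into the signed bytes stops replay to vouch for another node.
func (n *Node) Endorse(subject string, key ed25519.PublicKey) []byte {
	return ed25519.Sign(n.priv, append([]byte(subject+"\x00"), key...))
}

// VerifyEndorsement checks a forwarded endorsement with the signer's public key
// as the recipient already holds it from its own trust relation with the signer.
func VerifyEndorsement(signerPub ed25519.PublicKey, subject string, key ed25519.PublicKey, sig []byte) bool {
	return ed25519.Verify(signerPub, append([]byte(subject+"\x00"), key...), sig)
}

// DistributeTrust is claims 9 to 15 seen from the server; nodes stands for the
// claim 8 messages (every node's key and trust list). Each pass finds Y-nodes
// (server-trusted nodes trusting a server-untrusted one), lets them endorse in
// both directions, and reclassifies only after the endorsements verify. A node
// reclassified in one pass can act as a Y-node in the next (H reaching J and M).
func DistributeTrust(server *Node, nodes map[string]*Node) (trusted, ynodes map[string]bool) {
	trusted, ynodes = map[string]bool{server.ID: true}, map[string]bool{}
	for id := range server.Trusts { // claim 9: initial classification
		trusted[id] = true
	}
	for changed := true; changed; {
		changed = false
		for yID, y := range nodes {
			if !trusted[yID] {
				continue
			}
			for uID := range y.Trusts {
				u, known := nodes[uID]
				if !known || trusted[uID] {
					continue
				}
				ynodes[yID] = true                      // claim 10: y is a Y-node for u
				sigU := y.Endorse(u.ID, u.Pub)           // claim 14: Y signs u's key, sends it to the server
				sigS := y.Endorse(server.ID, server.Pub) // claim 13: Y signs the server's key, sends it to u
				// Both recipients verify with the key of Y they already trust; only then is u reclassified.
				if !VerifyEndorsement(y.Pub, u.ID, u.Pub, sigU) || !VerifyEndorsement(y.Pub, server.ID, server.Pub, sigS) {
					continue
				}
				trusted[uID], u.Trusts[server.ID], changed = true, true, true // claim 15: reclassify
			}
		}
	}
	return trusted, ynodes
}

// ExampleNetwork is a constructed trust graph with the claims' labels: A (server)
// trusts B, C, D, E, F, I; D trusts G, H; H trusts J, M; K and L trust only each other.
func ExampleNetwork() (server *Node, nodes map[string]*Node) {
	nodes = map[string]*Node{}
	for _, n := range []*Node{
		NewNode("A", "B", "C", "D", "E", "F", "I"), NewNode("B"), NewNode("C"),
		NewNode("D", "G", "H"), NewNode("E"), NewNode("F"), NewNode("G"),
		NewNode("H", "J", "M"), NewNode("I"), NewNode("J"), NewNode("K", "L"),
		NewNode("L", "K"), NewNode("M"),
	} {
		nodes[n.ID] = n
	}
	return nodes["A"], nodes
}

func main() {
	server, nodes := ExampleNetwork()
	trusted, ynodes := DistributeTrust(server, nodes)
	fmt.Println(len(trusted), "server-trusted nodes; Y-nodes used:", ynodes)
}
```

Run with `go run`: the server ends with eleven trusted nodes (A, B, C, D, E, F, I plus G, H, J, M reached through the Y-nodes D and H), while K and L stay server-untrusted because no trusted node vouches for them. The check that matters in practice is the one in the loop: an endorsement counts only if it verifies under the key of a node the recipient already trusts, and because the subject is inside the signed bytes a signature lifted from one endorsement cannot be re-bound to another node. Claim 16, the server's signed list of all trusted keys, is the natural next step and would sign the `trusted` set with `server.priv` in the same way.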

24. A computer program product directly loadable into the internal memory of a
digital computer within a node being a member of an ad hoc communication
network, comprising software code portions for performing the steps of any
of the claims 1-16 when said product is run on a computer.

25. A computer program product stored on a computer usable medium,
comprising a readable program for causing a computer, within a node being a
member of an ad hoc communication network, to control an execution of the
steps of any of the claims 1-16.

ABSTRACT



The present invention relates to the requirement of security in an ad hoc network.
More particularly it relates to the problem within ad hoc networks of not having
on-line connections to a particular server for getting desired public keys or
certificates, required to create trust relations.

Within an ad hoc communication network, some of the nodes have a mutual trust
relation to each other, thus constituting a trust group. An additional node within
the network is a candidate node for joining the trust group. An X-node is
defined as being a member of a trust group and having a trust relation with the
candidate node. The X-node distributes trust relations between the members of
the trust group and the candidate node.